Pages

Monday, 19 December 2016

OpenAM in 5 Minutes

At ForgeRock we pride ourselves on how quickly you can get up and running with our technology. So in that spirit I thought I would write a very quick, bare bones guide to getting an instance of OpenAM up and running.

For this exercise I am going to use Tomcat 8 as the web container for OpenAM. I am also going to use the embedded OpenDJ as both the user and configuration store. This is not recommended for production but is ideal for development purposes.

I am going to install locally on my Macbook, but the steps for Windows or Linux deployments are basically the same. I am going to cover the preparation of Tomcat and the installation and initial configuration of OpenAM. Everything you need to get up and running.

Prerequisites

For this exercise please:

Ensure there is a Java Development Kit (JDK) installed, and your environment path is set appropriately.

Steps

Preparation

Installation

1. Create a directory for the environment, I tend to use: /usr/local/env/fivemins

2. Unzip Tomcat:

unzip apache-tomcat-8.5.9.zip

mv apache-tomcat-8.5.9 tomcatam

3. Unzip OpenAM:

unzip OpenAM-13.5.0.zip

mv openam/OpenAM-13.5.0.war tomcatam/webapps/openam.war

4. Make Tomcat executable:

cd tomcatam/bin

chmod +x *.sh

5. Start Tomcat:

cd tomcatam/bin

./startup.sh

6. Navigate to OpenAM: http://localhost.localdomain.com:8080/openam

Installing OpenAM

1. Select Create Default Configuration. By doing this OpenAM will use an embedded instance of OpenDJ as both a directory and user store with no configuration required. This is not recommended for production environments but is great for development.

2. Accept the license agreement and press Continue

3. Enter default passwords for the administrator and policy agent.

The Default UserPassword is the password you will use to log in to OpenAM as administrator. Make sure you remember it!

The Policy Agent User Password would be used if we were integrating a policy agent with OpenAM.

4. Press Create Configuration and wait a few moments...

5. Press Proceed to Login
6. Log in as amadmin with the Default User Password from earlier.

7. All being well, you should now be logged in as administrator

8. If you logout, you can also log in as the demo user:

9. Enter the username demo and the password changeit. Demo is a normal, non administrator user and as such can only see the user dashboard.

Summary

We have just installed and configured a vanilla instance of OpenAM, in around about 5 minutes. Obviously by itself this doesn't do much but in future blogs we will explore how to quickly implement functionality such as social login or two factor authentication and build on top of this simple exercise.